PS4 Jailbreaking - Thread starter: PSXHAX - Start date: Mar 29, 2017 at 2:03 PM - 118,049 - 220
Following the PS4 Playground for Firmware 3.55 and the PS4 3.55 File Browser, today PlayStation 4 developer qwertyoruiopz made available a PS4 4.0x WebKit RCE exploit dubbed JailbreakMe PS4 4.0x, with details via Twitter below! :D

PS4 Link (click go 3 times): http://rce.party/ps4/ / local rce.rar (3 KB) via Nesterwork / Local RCE v2.rar (6 KB) via Nesterwork / Local rce v3.rar (12 KB) via Nesterwork

According to the developer's Tweets below, the bug used is an uninitialized stack read that yields a use-after-free (UaF), and the exploit itself does nothing more than give you arbitrary read/write/infoleak primitives over JS objects.

He also confirmed the exploit won't work on PS4 4.50, as Sony unfortunately updated WebKit past the vulnerable version, but it is still an entry point for those on PlayStation 4 OFW 3.55 through 4.07. (y)

That said, if you give it a try on a PlayStation 4 below 4.50 and receive a ffff000000000539 error prompt, that is the expected output when the exploit succeeds.

Cheers to @DarkElementPL, @DoxyMarket, @hyndrid, @ryan111, @toni1988 and @vettegast for sharing the news in the PSXHAX Shoutbox! <3
Comments

JackQ

Senior Member
Contributor
How do I access the web on a PS4 that has never used PSN, or use it locally?

jpkb1997

Senior Member
Contributor
I tried it on 4.50. After using it and exiting the internet browser you cannot use any application, cannot power off the PS4 or play games, cannot even open the settings, so it basically does something.

I disabled JavaScript and then pressed Go many times.

HackYourPS4

Senior Member
Contributor
Verified
I tried it on 4.50. After using it and exiting the internet browser you cannot use any application, cannot power off the PS4 or play games, cannot even open the settings, so it basically does something.

I disabled JavaScript and then pressed Go many times.

Cool bro! That helps a lot, you are a great hacker!

And some banana dance now: :bananaman17::bananaman17::bananaman17::bananaman17::bananaman17::bananaman16::bananaman17::bananaman17::bananaman17::bananaman12::bananaman12::bananaman11::bananaman2:

GibboHull

Senior Member
Contributor
so, what can this exploit lead to?

From what I can gather, nothing we haven't seen on previous firmwares so far.

However, it being more readily available on a wider range of firmwares can only be a good thing - and this being a relatively large announcement (from someone who's big in the iOS scene) could hopefully lead to some developers creating either a Linux exploit or CFW.

lanaiscool

Member
Contributor
Verified
so, what can this exploit lead to?

ROP code execution has been confirmed working with this by the man himself. I suggest reading this article https://cturt.github.io/ps4-2.html to see the potential of ROP code execution. This can lead to minor homebrew; however, CTurt stopped testing ROP code execution when the kernel exploit was found, and development of the 3.55 playground has also been abandoned. Maybe this will bring it back, since it's an interesting subject.